mirror of
https://github.com/Fishwaldo/linux-bl808.git
synced 2025-06-17 20:25:19 +00:00
audit: add filtering for io_uring records
This patch adds basic audit io_uring filtering, using as much of the existing audit filtering infrastructure as possible. In order to do this we reuse the audit filter rule's syscall mask for the io_uring operation and we create a new filter for io_uring operations as AUDIT_FILTER_URING_EXIT/audit_filter_list[7]. Thanks to Richard Guy Briggs for his review, feedback, and work on the corresponding audit userspace changes. Acked-by: Richard Guy Briggs <rgb@redhat.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Paul Moore
parent
5bd2182d58
commit
67daf270ce
5 changed files with 64 additions and 20 deletions
|
|
@ -167,8 +167,9 @@
|
|||
#define AUDIT_FILTER_EXCLUDE 0x05 /* Apply rule before record creation */
|
||||
#define AUDIT_FILTER_TYPE AUDIT_FILTER_EXCLUDE /* obsolete misleading naming */
|
||||
#define AUDIT_FILTER_FS 0x06 /* Apply rule at __audit_inode_child */
|
||||
#define AUDIT_FILTER_URING_EXIT 0x07 /* Apply rule at io_uring op exit */
|
||||
|
||||
#define AUDIT_NR_FILTERS 7
|
||||
#define AUDIT_NR_FILTERS 8
|
||||
|
||||
#define AUDIT_FILTER_PREPEND 0x10 /* Prepend to front of list */
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue